FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-29 07:54:42 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
25ed4ff8-8940-11df-a339-0026189baca3bogofilter -- heap underrun on malformed base64 input

Julius Plenz reports:

I found a bug in the base64_decode function which may cause memory corruption when the function is executed on a malformed base64 encoded string.

If a string starting with an equal-sign is passed to the base64_decode function it triggers a memory corruption that in some cases makes bogofilter crash.


Discovery 2010-06-28
Entry 2010-07-06
bogofilter
< 1.2.1_2

bogofilter-sqlite
< 1.2.1_1

bogofilter-tc
< 1.2.1_1

CVE-2010-2494
http://bogofilter.sourceforge.net/security/bogofilter-SA-2010-01
f524d8e0-3d83-11e2-807a-080027ef73ecbogofilter -- heap corruption by invalid base64 input

David Relson reports:

Fix a heap corruption in base64 decoder on invalid input. Analysis and patch by Julius Plenz, [FU Berlin, Germany].


Discovery 2012-10-17
Entry 2012-12-03
bogofilter
< 1.2.3

bogofilter-sqlite
< 1.2.3

bogofilter-tc
< 1.2.3

CVE-2012-5468
http://bogofilter.sourceforge.net/security/bogofilter-SA-2012-01